From owner-freebsd-questions@FreeBSD.ORG Fri May 1 06:25:12 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DC704CD0 for ; Fri, 1 May 2015 06:25:12 +0000 (UTC) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "ca.infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C13A61DAD for ; Fri, 1 May 2015 06:25:11 +0000 (UTC) Received: from liminal.local ([192.168.100.5]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.15.1/8.15.1) with ESMTPSA id t416OmIP093914 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Fri, 1 May 2015 07:24:49 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=infracaninophile.co.uk DKIM-Filter: OpenDKIM Filter v2.9.2 smtp.infracaninophile.co.uk t416OmIP093914 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1430461489; bh=woNdinTC78hXcc8ZlDmptxfTXQCe/jeP0BHad30snJg=; h=Date:From:To:Subject:References:In-Reply-To; z=Date:=20Fri,=2001=20May=202015=2007:24:35=20+0100|From:=20Matthew =20Seaman=20|To:=20freebsd-questi ons@freebsd.org|Subject:=20Re:=20minor=20syslog=20issue|References :=20<55422366.8060000@hiwaay.net>=20<554229CE.30009@infracaninophi le.co.uk>=20<55422E43.8090206@hiwaay.net>=20<5542348D.8000109@infr acaninophile.co.uk>=20<5542BC7F.7050602@hiwaay.net>=20<5542BEBA.50 80207@hiwaay.net>|In-Reply-To:=20<5542BEBA.5080207@hiwaay.net>; b=UCzV2xSmH55eHDnjQ8be7KzizPvjhsEVnYDfsMNMVmYqSuAyRofvm0pseT3Ch6leF grxVuw7iI48SU7r7TxfS3YF9+g2Gp2afkC6YIw9wkOlQkQI9kfOdE12rEekYSFwc6Q O1W233z10MtSSX/0P3ySp2s9g42IifUWXk1ULQHg= X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host [192.168.100.5] claimed to be liminal.local Message-ID: <55431C23.8010809@infracaninophile.co.uk> Date: Fri, 01 May 2015 07:24:35 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: minor syslog issue References: <55422366.8060000@hiwaay.net> <554229CE.30009@infracaninophile.co.uk> <55422E43.8090206@hiwaay.net> <5542348D.8000109@infracaninophile.co.uk> <5542BC7F.7050602@hiwaay.net> <5542BEBA.5080207@hiwaay.net> In-Reply-To: <5542BEBA.5080207@hiwaay.net> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="9jcv3XQCRq74fNnkP6epPolhT6fjEKRLU" X-Virus-Scanned: clamav-milter 0.98.6 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.6 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU autolearn=ham autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 May 2015 06:25:13 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --9jcv3XQCRq74fNnkP6epPolhT6fjEKRLU Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 01/05/2015 00:45, William A. Mahaffey III wrote: >> syslogd on kabini1 should be accepting traffic from all ports: >> >> [root@kabini1, /etc, 6:40:19pm] 366 % ps -ax | grep syslog >> 783 ?? Is 0:39.07 /usr/sbin/amd -p -a /.amd_mnt -l syslog /ho= st /etc/amd.map /net /etc/amd.map >> 73506 ?? Is 0:00.10 /usr/sbin/syslogd -a 192.168.0.0/16:* -C -T= >> 8622 4 S+ 0:00.00 grep syslog >> 73648 7 S+ 0:00.93 tcpdump port >> >> i.e. looks like the traffic is there, but syslogd isn't recording it (= ?) .... Any clues appreciated. > *Aaaaaaaaaaaaack* !!!! Looks like ipfw was catching it, I had changed m= y > rules to allow *some* udp traffic a few days ago, but didn't open it up= > enough. Just changed that & we'll see either later today or tomorrow at= > the next 'syslogd restart' .... Sorry for the noise :-/ .... Looks like you've pretty much sorted the problem. A bit late now, but you would have been able to generate syslog traffic at will on your RPi using logger(1). Although I guess you'll still want to observe things over a syslog restart to make sure everything works even if the source port changes. Cheers, Matthew =09 --9jcv3XQCRq74fNnkP6epPolhT6fjEKRLU Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iQJ8BAEBCgBmBQJVQxwqXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATqrsP/3w14FnplpD73ZzR7ykGTKBn jcJWE6r37p9v0un4gJKFDXXvMp2WBSuy9Rcnq8uYNtXbJ54Xp6jANBtcdgM4n6t2 +nalwKyHRzCI+S2t0sDVLPgE4ur+aCgIwm5xVwAA0ZbW17cxNL0slxIwIcay6ZNP cMrW6S9QyhEPF0u24xE/1e07azsO6m9SqQ4+OK69ZAXFGuL9ZhYj/Anf4jg1V2YP VszDJWMjL6Kfvjnpsvoa90W9rtt03k+/Xl5OscPdAiodwJZd9KnCzgWezoxFmRfu Cx56OIgfvxse4qEgRbl3ecBEkoME6KpsgSuzOljEV5PuDMmxgMByyhUr5dYGg2Ei k/Si00XygtYUOLqKoWmLvy79hfDXLQNmPh+QSH0OpYTrnVOFyctOvVBM9GSeO+/u z03Fj+CgCtQb8FmzQx5P+7qPrGnbUDSMa4McZdfRfQTVGnXlQJN7vcIo0S95u4Sm uRuEXlMIBsBz7ggpJJ/LXrF7UsaTGFt5AGAyDrs51My6YXU4tCdwSq7C1zco65d7 QNUcA30P73IguHnOKirrY0hSbPkCcRxeRQmRowM7J4CANjuEnWWefeQwJR6cp/fL rxt2N+7YhFoKPuUhx80xsKqJpdxQMuaHcryOGUHIAXi3byO5i10ulnzK6qI1GGH2 HZlRFJhfJb2BUxMhdn+Q =iYan -----END PGP SIGNATURE----- --9jcv3XQCRq74fNnkP6epPolhT6fjEKRLU--